CVE-2016-3377

CVE-2016-3377 affects the Chakra JavaScript engine in Microsoft Edge. The vulnerability involves memory corruption in the scripting engine when handling objects, exploitable by remote attackers via a crafted website, potentially enabling remote code execution or a denial-of-service. Connected doc...

CVE-2016-3350

The CVE-2016-3350 entry concerns the Chakra JavaScript engine in Microsoft Edge. It describes a memory corruption vulnerability in the Chakra engine that could allow remote code execution or a denial of service via a specially crafted website. Connected sources corroborate a Chakra memory corrupt...

Microsoft Edge Multiple Vulnerabilities (3183043)

This host is missing a critical security update according to Microsoft Bulletin MS16-105 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-1028)

This update for MozillaFirefox, mozilla-nss fixes the following issues : Changes in MozillaFirefox : - Mozilla Firefox 48.0.1 : - Fixed an audio regression impacting some major websites bmo1295296 - Fix a top crash in the JavaScript engine bmo1290469 - Fix a startup crash issue caused by Websense...

openSUSE Security Update : Firefox (openSUSE-2016-1019)

This update includes Firefox 48.0.1 to fix a few regressions and a security issue : - Fix an audio regression impacting some major websites - Fix a top crash in the JavaScript engine - Fix a startup crash issue caused by Websense - Fix a different behavior with e10s / non-e10s on select and mouse...

CVE-2016-3296

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

[SECURITY] Fedora 24 Update: v8-3.14.5.10-25.fc24

V8 is Google's open source JavaScript engine. V8 is written in C++ and is u sed in Google Chrome, the open source browser from Google. V8 implements ECMASc ript as specified in ECMA-262, 3rd edition...

chromium-browser: same-origin bypass in v8

objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

chromium-browser: memory corruption in v8

Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code...

ALPINE-CVE-2016-5129

Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code...

Microsoft Edge Scripting Engine Memory Corruption Vulnerability

Microsoft Edge is a web browser developed by Microsoft and is the default browser that comes with the Windows 10 operating system.Chakra JavaScript engine is a JavaScript engine component used by Edge web browser. A memory corruption vulnerability exists in the Chakra JavaScript engine in Microso...

CVE-2016-3269

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3265...

CVE-2016-3265

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269...

Memory corruption

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269...

CVE-2016-3265

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269...

CVE-2016-3265

CVE-2016-3265 impacts the Chakra JavaScript engine used by Microsoft Edge (ChakraCore). The connected documents describe a memory corruption vulnerability in the ChakraJS engine that could allow a remote attacker to execute arbitrary code or cause a denial of service via a crafted web site. The r...

Microsoft Edge Multiple Vulnerabilities (3169999)

This host is missing a critical security update according to Microsoft Bulletin MS16-085. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS16-085: Cumulative Security Update for Microsoft Edge (3169999)

The version of Microsoft Edge installed on the remote Windows host is missing Cumulative Security Update 3169999. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists due to a failure to properly implement Address Space Layout Randomization ASL...

The vulnerability of Google Chrome browser allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The use of V8 bindings after release in Blink allows remote attackers to trigger service failures or otherwise affect the system by using operations on the HashMap instead of set HashMap. This vulnerability is related to the files bindings/core/v8/DOMWrapperMap.h and...

Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)

Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion MS16-063 !-- CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion ============================================================================ This information is available in an easier to read...